Slashdot Mirror

← Back to Stories (view on slashdot.org)

Adobe Flash Cookies Raising Privacy Questions Again

Posted by kdawson on from the flash-in-the-pan dept.

Nearly a year after we discussed the privacy implications of Flash cookies, they are in the news again as the US government considers revising its cookie policy. Wired covers a study out of UC Berkeley exposing questionable practices used by many of the Internet's most-visited Web sites (abstract). The most questionable activity the report exposes is known as "respawning": after a user has deleted browser tracking cookies, some sites will use information in Flash cookies to recreate them. The report names two companies, Clearspring and QuantCast, whose technologies reinstate cookies for other Web sites. "Federal websites have traditionally been banned from using tracking cookies, despite being common around the web — a situation the Obama administration is proposing to change as part of an attempt to modernize government websites. But the debate shouldn't be about allowing browser cookies or not, according Ashkan Soltani, a UC Berkeley graduate student who helped lead the study. 'If users don't want to be tracked and there is a problem with tracking, then we should regulate tracking, not regulate cookies,' Soltani said."

13 of 103 comments (clear)

  1. Perhaps we should surveil the surveyors... by fuzzyfuzzyfungus · · Score: 4, Interesting

    Spread across a reasonable number of annoyed individuals, paying to have a private investigator tail high level officers and major shareholders of advertising corporations that engage in this sort of thing 24/7/365 would be fairly inexpensive and amusing.

    1. Re:Perhaps we should surveil the surveyors... by johanatan · · Score: 4, Insightful

      I tend to think that it will come to that. In the near future, I expect everyone to record everything. The only question left for courts to decide will be the legitimacy of the material (i.e., whether it is authentic or counterfeit).

  2. Re:All i can say is by auric_dude · · Score: 5, Informative

    All I can say is BetterPrivacy via https://addons.mozilla.org/en-US/firefox/addon/6623

  3. Unintended reinterpretation. by girlintraining · · Score: 3, Insightful

    "If users don't want to be tracked and there is a problem with tracking, then we should regulate tracking, not regulate cookies"

    I'm glad we're agreed then. Cookies are used for tracking, so cookies should be regulated. But we won't treat cookies like they're special -- we'll regulate all other forms of tracking as well. That seems fair. In other, unrelated news -- anonymity doesn't exist. Sherlock Holmes may be a fictional character several hundred years dead now, but what he said back then applies today on the internet (which I paraphrase here) "Every place you go, you leave something behind and you take something with you." Tracking, therefore, is just a matter of following the (achem) tracks, and it's something anyone with a bit of skill can do.

    The problem is, we're failing society as professionals in the IT field -- part of our work (which most likely isn't earning you money) is teaching our friends, family, and interested parties about these problems and how to protect themselves from it because nobody else can or will. That's what has allowed this kind of crap to permeate into the mainstream... It wouldn't be tolerated if people knew better.

    --
    #fuckbeta #iamslashdot #dicemustdie
    1. Re:Unintended reinterpretation. by Synchis · · Score: 3, Insightful

      The problem is, we're failing society as professionals in the IT field -- part of our work (which most likely isn't earning you money) is teaching our friends, family, and interested parties about these problems and how to protect themselves from it because nobody else can or will. That's what has allowed this kind of crap to permeate into the mainstream... It wouldn't be tolerated if people knew better.

      I disagree with this. I've spent a long time in the industry, and am pretty much the only "tech enabled" person in amongst many friends and family. Many of them use the computer recreationally, and without a care as to what harms may become of them. To the layman, the computer is just a tool, and to most of them, there is no perceived risk to themselves. Thus, when I try to inform them of the risks they take, or try to teach them safer browsing habits, good housekeeping, etc. It is often met with indifference, and sometimes hostility. People don't like to be told they are wrong, especially when most people use the computer in the way they think is correct, and in most cases, the only way they know how.

      Many people are intimidated by computers, and to have somebody who is deeply involved in computers try to teach them best-practices, is sometimes insulting.

      So yeah, we may feel we have a responsibility to protect those that know less than us, but in reality, instilling that knowledge is not always easy, practical, or even sometimes possible.

      So no, I don't agree, I don't think we've failed. I think we're doing the best job we know how to do, in the face of at times massive and gross ignorance. Resistance does not mean I've given up. But I have learned over time which people are worth taking the time to teach, and which people are not worth the effort.

      --
      Thomas A. Knight
      Author of The Time Weaver
  4. Re:Piece of cake... by dc29A · · Score: 3, Informative

    Or on Windows, go to 'Document and Settings' (Users on Vista/7 if I am not mistaken), 'Application Data\Macromedia\Flash Player'.

    Remove '#SharedObjects' folder, create a file with same name on it. Remove all security rights on it. Do same with 'macromedia.com' folder.

    Problem solved. To test it, go to Youtube, set your volume to a certain level. Close browser, re-open and see if Youtube maintained the volume level. It shouldn't.

  5. Flash Website Storage Settings by wile_e8 · · Score: 5, Informative

    Go here to see all the flash cookies and delete any and all you don't want. Might not be as easy as deleting a directory, but I don't necessarily want to delete them all.

  6. Good browsers let the user choose by gurps_npc · · Score: 3, Informative

    In Firefox, the "Better Privacy" addon deletes flash cookies. Any browser that doesn't offer that kind of control is not worth getting. In my opinion, Firefox without "TACO" (auto creates a bunch of "opt out" cookies without any identifing details), "Better Privacy" (removes flash cookies)and "NoScript" (prevents unwanted scripts - including site-jacking stuff), is not fully installed.

    --
    excitingthingstodo.blogspot.com
  7. Re:All i can say is by Dogers · · Score: 4, Informative

    And a way to view what you currently have..
    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager07.html

    --
    I am a viral sig. Please copy me and help me spread. Thank you.
  8. /dev/null by dtschmitz · · Score: 3, Informative

    What I do: #remove the existing macromedia directory and set a link to /dev/null
    $cd && rm -rf .macromedia && ln -s /dev/null .macromedia
    Be Safe!

    Dietrich T. Schmitz & Associates
    Cloud Computing Services

  9. Re:Piece of cake... by jo42 · · Score: 4, Insightful

    An even better solution is on Adobe's own web site: How to uninstall the Adobe Flash Player plug-in and ActiveX control

  10. Re:All i can say is by florescent_beige · · Score: 3, Informative

    I just started using bp last week and here is something important. The version on the Firefox addon site is not the latest. I got 1.41 at

    http://netticat.ath.cx/BetterPrivacy/BetterPrivacy.htm

    because it added a bit of functionality. Specifically in the way it treats DOM storage.

    DOM storage is not flash cookies (LSOs), it is a separate way sites can store data on your computer I had not heard about. The old version could only disable DS, but now BP can now treat DS like LSOs so it stays on but the data gets deleted on FF shutdown. Some sites like cnn video need DS turned on.

    Also I set it to delete the default LSO. That one stores a list of every flash site you visit. Even if you turn Flash local storage completely off using:

    http://www.macromedia.com/support/documentation/en/flashplayer/help/settings_manager03.html

    you will see a list of visited sites on the last tab on that control. Deleting the default cookie gets rid of that list.

    --
    Equine Mammals Are Considerably Smaller
  11. Re:All i can say is by NettiCat · · Score: 4, Informative

    The version on the Firefox addon site is not the latest.

    I wish the AMO folks would update BetterPrivacy to the latest version but I cannot do anything to accelerate that procedure. Thanks for your important note, I found it accidently while searching for related websites. NettiCat (author of BetterPrivacy, http://netticat.ath.cx/